Skip to content

Exception Tracking Spreadsheet (TicklerTrax™)
Downloaded by more than 1,000 bankers. Free Excel spreadsheet to help you track missing and expiring documents for credit and loans, deposits, trusts, and more. Visualize your exception data in interactive charts and graphs. Provided by bank technology vendor, AccuSystems. Download TicklerTrax for free.

Click Now!

Top Story Technology Related


FTC final rule on impersonation of government and businesses

The Federal Trade Commission has finalized its Trade Regulation Rule on Impersonation of Government and Businesses (16 C.F.R. Part 461), which prohibits the impersonation of government, businesses, and their officials or agents in interstate commerce as deceptive or unfair acts or practices.

The new rule will become effective 30 days after it is published in the Federal Register.

The FTC has also issued a supplemental notice of proposed rulemaking that would, if finalized as proposed, amend the amend the new rule to revise its title, add a prohibition on the impersonation of individuals, and extend liability for violations of the rule to parties who provide goods and services with knowledge or reason to know that those goods or services will be used in impersonations of the kind that are themselves unlawful under the Rule.

In its press release announcing the rule on impersonation of government and businesses and the supplemental notice of proposed rulemaking that would amend the rule, the FTC said it is proposing the amendments in light of surging complaints around impersonation fraud, as well as public outcry about the harms caused to consumers and to impersonated individuals. The Commission said that “emerging technology – including AI-generated deepfakes – threatens to turbocharge this scourge, and the FTC is committed to using all of its tools to detect, deter, and halt impersonation fraud.”

Comments on the supplemental notice of proposed rulemaking will be accepted for 60 days after Federal Register publication.


U.S. sanctions two affiliates of Russian ransomware group

The Treasury Department on Tuesday reported that OFAC has designated two individuals who are affiliates of the Russia-based ransomware group LockBit. This action is the first in an ongoing collaborative effort with the U.S. Department of Justice, Federal Bureau of Investigation, and international partners targeting LockBit.

For identification information on the two individuals, see BankersOnline's February 20, 2024, OFAC Update.


Social Security proposes to use electronic payroll data

The Social Security Administration has published [89 FR 11773] a proposed rule, "Use of Electronic Payroll Data to Improve Program Administration," describing the agency’s plans for accessing and using information from payroll data providers to reduce improper payments, including overpayments, which improves service to customers.

Unreported, late reported, and incorrectly reported earnings are often a cause of overpayments for people who receive Social Security Disability Insurance (SSDI) benefits and Supplemental Security Income (SSI) payments. When a person has been overpaid, the law requires the agency to ask for repayment, which can create financial difficulties for beneficiaries.

Social Security is working to reduce wage-related improper payments by using its legal authority to establish information exchanges with payroll data providers. These exchanges will help ensure the agency receives timely and accurate wage data. These exchanges and the agency’s planned business process is called the Payroll Information Exchange (PIE).

PIE will help reduce manual reporting errors as well as the reporting burden for individuals who authorize Social Security to obtain their wage and employment information through these information exchanges and work for employers whose payroll data is available through the exchange. PIE will also help to more quickly identify wages that often go unreported or undetected and which can lead to improper payments.

Comments on the proposal will be accepted through April 15, 2024.


OCC workshops for directors and senior managers

The OCC reports it has opened registration for its 2024 schedule of in-person workshops for board directors and senior management of national community banks and federal savings associations.

The OCC examiner-led workshops provide practical training and guidance to directors and senior management of national community banks and federal savings associations to support the safe and sound operation of community-based financial institutions.

The OCC offers five daylong workshops:

  • Building Blocks: Developing Strong Management
  • Risk Governance: Improving Effectiveness
  • Compliance Risk: Understanding the Rules
  • Credit Risk: Recognizing and Responding to Risk
  • Operational Risk: Navigating Rapid Changes

The OCC is also offering a half-day workshop, Capital Markets: Keeping Current. This workshop covers balance sheet management risks, as well as hot topics and risk themes for bankers and regulators in the capital markets area.

Workshops are limited to 35 participants. Attendees will receive course materials, supervisory publications, and lunch.

Schedules, locations, cost and fee waiver information, and online registration are available on the OCC's website.


FinCEN sees increase in reports of use of CVC for child exploitation and human trafficking

Yesterday, FinCEN issued a Financial Trend Analysis (FTA) reflecting an increase in Bank Secrecy Act (BSA) reporting associated with the use of convertible virtual currency (CVC) and online child sexual exploitation (OCSE) and human trafficking. This FTA is based on BSA reporting filed between January 2020 and December 2021.

The analysis detailed in this FTA furthers Treasury efforts to combat human trafficking as well as the illicit uses of CVC. For example, Brian Nelson, Treasury’s Under Secretary for Terrorism and Financial Intelligence, announced at the President’s Interagency Task Force to Monitor and Combat Trafficking that FinCEN has joined the Canadian financial intelligence unit’s Project Protect—a flagship public-private partnership on human trafficking. In addition, in June 2021, FinCEN identified human trafficking and cybercrime as among the “Anti-Money Laundering and Countering the Financing of Terrorism National Priorities” issued pursuant to the Anti-Money Laundering Act of 2020.

More recently, in October 2023, FinCEN issued a finding pursuant to Section 311 of the USA PATRIOT Act that CVC mixing is a class of transactions of primary money laundering concern and proposed reporting requirements to increase transparency in connection with CVC mixing.

FinCEN’s analysis highlights the value of BSA reporting filed by regulated financial institutions.


OFAC targets Iranian procurement network and malicious cyber actors

The Treasury Department on Friday announced sanctions against a transnational procurement network supporting Iran's ballistic missile and unmanned aerial vehicle (UAV) programs.

In a separate release, Treasury announced sanctions against actors responsible for malicious cyber activities on critical infrastructure in the U.S. and other countries.

For the names and identification information of the designated individuals and entities, see BankersOnline's February 2, 2024, OFAC Update.


FRB Financial Services adds ACH risk management service

Federal Reserve Financial Services has announced its launch of FedDetect Anomaly Notification for FedACH Services, a new risk management service that helps financial institutions identify anomalous activity and supplement their fraud detection and alerting tools. This new addition to FedACH Risk Management Services allows financial institutions to receive notifications via secure email when anomalous FedACH activity is detected.

The new service can help financial institutions catch potential fraud attempts with account verification through micro-entry return and forward-entry monitoring. It can also help originating financial institutions adhere to Nacha rules around notifications of change and avoid future rule violations.


CFPB proposes rule to prohibit potential new NSF fees

In anticipation of potential new NSF fees for transactions rejected "right at the swipe, tap, or click," the CFPB has announced a proposed new rule that would prevent non-sufficient funds fees on transactions that financial institutions decline in real time. These types of transactions include declined debit card purchases and ATM withdrawals, as well as some declined peer-to-peer payments. The proposed rule would cover banks, credit unions, and certain peer-to-peer payment companies.

Financial institutions almost never charge fees for transactions that are declined in real time at the swipe, tap, or click. For example, a $100 grocery purchase with a debit card may be declined in real time when the account only has $90. These types of transactions are not processed like Automated Clearing House transactions, and are generally not assessed fees. The CFPB said it is taking proactive steps to ensure that financial institutions do not impose these fees, which can occur for a host of reasons that are out of the consumer’s control. Specifically, as technology advances, financial institutions may be able to decline more transactions right at the swipe, tap, or click. These transactions include ATM, debit or prepaid card, online transfer, in-person bank teller, and certain person-to-person transactions. The CFPB’s proposed rule would consider fees for transactions declined in real time to be abusive and unlawful under the Consumer Financial Protection Act.

The proposal would add new Part 1042, "Nonsufficient Funds Fees," to Chapter X of Title 12 of the Code of Federal Regulations. Comments on the proposal will be accepted through March 25, 2024.

PUBLICATION UPDATE: Published at 89 FR 6031 in the January 31, 2024, Federal Register.


U.S., Australia, and UK sanction Russian cyber hacker

On Tuesday, OFAC, in coordination with Australia and the United Kingdom, designated Alexander Ermakov, a cyber actor who played a pivotal in the 2022 ransomware attack against Medibank Private Limited, an Australian healthcare insurer.

Australia sanctioned Ermakov on Monday for utilizing ransomware to attack the Medibank network and for the exfiltration of sensitive data of 9.7 million users of Medibank services. Tuesday, the United States and the United Kingdom, in solidarity with Australia, took action against Ermakov because of the similar risk he presents to the United States and the UK.

For identification information on Ermakov, see BankersOnline's January 23, 2024, OFAC Update.


FTC proposes amendments to COPPA rule

The Federal Trade Commission has published [89 FR 2034] in this morning's Federal Register a proposal to amend the Children's Online Privacy Protection Rule, consistent with the requirements of the Children's Online Privacy Protection Act (COPPA).

The proposed modifications are intended to respond to changes in technology and online practices, and where appropriate, to clarify and streamline the Rule. The proposed modifications, which are based on the FTC's review of public comments and its enforcement experience, are intended to clarify the scope of the Rule and/or strengthen its protection of personal information collected from children.

Comments on the proposal are due by March 11, 2024.


Training View All

Penalties View All

Search Top Stories